General
-
Target
4e0eb1e7bdd8a79f769defedcb329266288faf949e8b8d8c7a63fa47ab57be8a
-
Size
132KB
-
MD5
82b65966c34163a7bdac7fe07acd8e64
-
SHA1
740263256cc774dc7c68cccb543935025a41fd92
-
SHA256
4e0eb1e7bdd8a79f769defedcb329266288faf949e8b8d8c7a63fa47ab57be8a
-
SHA512
759f70e1a194da38d87119a1219b3b4d80846b24c6788619a6653e3dfda551366a6286a22c2ec372f6bd9f595737b1c17d9cf74d50e4c76ea7bfcf94f006e174
-
SSDEEP
3072:8fn4Kh2cFY9eiyOjFBz65/M6If+3Js+3JFkKeTnK:83BY9L9xBt25
Score
10/10
Malware Config
Extracted
Family
xworm
Version
5.0
C2
links-examines.gl.at.ply.gg:20610
Mutex
BN3gZAjTpKjKRSE4
Attributes
-
Install_directory
%Temp%
-
install_file
svchost.exe
aes.plain
Signatures
-
Detect Xworm Payload 1 IoCs
-
Xworm family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
4e0eb1e7bdd8a79f769defedcb329266288faf949e8b8d8c7a63fa47ab57be8a
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections